Code Name Catastrophe 



How Moscow Cracked Our Secret Cipher Systems 



By William Scott Malone and William Cran 



The cold war between the United 
States and the Soviet Union may be 
winding down, but the spy war be- 
tween them continues. And there’s new ev- 
idence that America may have suffered 
greater damage in this secret war than is 
generally recognized. 

The Soviets appear to have obtained access 
to the most deeply held U.S. secret of 
all — the codes used to protect our sensitive 
government messages. U.S. intelligence 
and law-enforcement officials say they base 
this analysis on a careful review of the 1985 
John Walker spy case, which leads them to 
two disturbing conclusions: 

■ The United States hasn’t caught all the 
Soviet code spies. More Walkers are probably 
out there, still undetected. Investigators 
reached this judgment because of indications 
that Moscow had other, and perhaps 
better, sources of U.S. “crypto” secrets 
than the Walker spy ring. 

■ The Soviets have broken some supposedly 
“unbreakable” cipher systems. Investigators 
believe that by piecing together technical 
information provided by Walker and 
his associates, the Soviets have been able to 
replicate U.S. hardware and read at least 
some of our secret message traffic — a feat 
that U.S. officials once believed was impossible. 

A sign of America’s continuing espionage 
problem came during the past 
month, with the arrest of U.S. Army 
Warrant Officer James W. Hall III in Georgia 
and former Navy chief petty officer 
Craig D. Kunkle in Virginia. Kunkle, who 
was arrested during an FBI sting operation 
two weeks ago, didn’t actually pass secrets 
to the KGB, so he isn’t believed to have 
caused any real damage. But Hall’s alleged 
espionage, if true, was of a far more damaging 
nature. As an Army signals-intelligence 
specialist, Hall had access to supersecret 
U.S. cryptographic machines and 
keylists, more commonly known as codes 
and ciphers. 

The Walker case showed just how vulner- 
able these code systems are. John A. Walk- 
er Jr., a onetime Navy warrant officer, 
spied for the KGB for almost 20 years be- 
fore he was arrested in May 1985, after his 
ex-wife turned him in to the FBI. Walker 
had recruited his brother, his 20-year-old 
son and his best friend into his spy ring. 

“It was the greatest case in KGB history,” 
former KGB defector Vitaly Yurchenko told 
his American debriefers in 1985. “We de- 
ciphered millions of your messages. If there 
had been a war, we would have won it.” 

“K-Mart has better security than the U.S. 
Navy,” Walker told us during a series of interviews 
last August for a PBS “Frontline” 
documentary on the Soviet espionage 
threat. He noted that he used to tell his 
partner, Jerry Whitworth, that selling U.S. 
secrets “was a buyers’ market.” 

What worries Phillip Parker, the former 
FBI deputy assistant director for counter- 
intelligence who supervised the Walker 
case, is that the KGB’s handling of Walker 
demonstrated that he was not their most 
important agent. “He was just another mes- 
senger boy,” says Parker. “There are no 
doubt other John Walkers still out there,” 
agrees a National Security Agency (NSA) 
official. 

From Walker’s very first visit to the So- 
viet Embassy in Washington in December 
1967, it was obvious the Soviets were in- 
timately familiar with America’s top-secret 
codes. When Walker, at that first meeting, 
presented a copy of a Navy keylist stamped 
“Top Secret Specat [Special Category],” the 
KGB security officer immediately wanted to 
know why there was no “Letter of Promul- 
gation” signature on the back of the keylist. 
It took the startled spy a few moments to 
realize that the NSA had recently discontinued 
the signature practice. 

As with the famous Sherlock Holmes case 
in which the crucial clue was a dog that 
didn’t bark, the most important thing about 
the Walker case may be the questions the 
KGB didn’t ask him. “I can only deduce that 
they were getting their information from 
somewhere else,” Walker eventually con- 
cluded. 

“The NSA boys went pale when I told 
them about the Russians not wanting any- 
thing on the [then most advanced ma- 
chines]. It meant that it had already been 
compromised,” says Walker. Such a conclusion 
offers perhaps the most disturbing implication 
for U.S. security, since a new generation 
of U.S. code machines had begun to 
go into service by the early 1980s with the 
Air Force, Army, Navy and NATO. 

To assess the damage done by Walker 
and the other spies, it’s necessary to under- 
stand a bit about the arcane science of cryp- 
tology. Experts say there are two basic el- 
ements to a modern code system: the logic 
and the key. The humming, Navy-gray code 
machines contain what is in essence an elec- 
tronic formula (or algorithm) called the log- 
ic. The key is a list of numbers and letters 
that set the machine and tell the logic for- 
mula when to commence. To maximize se- 
curity, U.S. keylists are changed every 24 
hours. 

The machines themselves, along with 
their associated “technical manuals,” while 
closely guarded, are usually not top-secret, 
because they are distributed around the 
world and their designers assume they will 
eventually be lost or stolen. The NSA has 
long presumed that no machine by itself 
could be used to read a coded message — 
without that day’s keylist. Keylists thus be- 
come the object of intense classification and 
protection. 

“In the context of communications information, 
the keylist is considered the ultimate,” 
recalled Walker’s convicted cohort 
Jerry Whitworth in an interview for the 
“Frontline” documentary. “The only other 
thing that’s better would be the keylist, 
tech manual and the equipment. Then 
you’ve got the whole shebang.” 

“Obviously you can’t steal the equip- 
ment,” explains Walker, “so the next best 
thing would be to give them the technical 
manual. From the technical manual, you can 
build the equipment by a process of [re- 
verse] engineering.” 

Walker did just that. Using a Minox cam- 
era, he supplied the Soviets with all the 
technical manuals he could lay his hands on. 
“They got the original technical manuals 
from me and I provided them with amendments 
[and] modifications to that equipment 
as they occurred over the years,” says 
Walker. “When Mr. Whitworth took over, 
he continued to provide those changes basically 
to the [KWR-]37 and to the [KW-]7” 
code machines. 

John Walker with electronic equipment in 1983 before his arrest as a Soviet code spy. 

The Soviets still needed the daily key- 
lists, but Walker, and later Whitworth, kept 
them amply supplied. Whitworth let his 
pride show when discussing a $10,000 bo- 
nus Walker paid him for providing “months” 
of continuous keylists. “The bonus thing 
came up over a period of having years of 
consistency — not months, but years,” he 
says. 

The NSA had thought that even if this 
sort of breach occurred, the damage would 
be limited. Earl David Clark, the former 
chief of NSA’s Office of Communications 
Security, testified during Whitworth’s trial 
in 1986: “We design our systems [so] that 
without a key, we are highly confident that 
no one can read these communications .... 
You would only be 
able to exploit those communications for 
which you have that logic [tech manual] and 
keying material in which those communi- 
cations were encrypted. [You] could not 
read tomorrow’s traffic if [you] didn’t have 
tomorrow’s key . . . .” 

Clark’s confidence may have been misplaced. 
According to Navy officials, 
the internal design logic of some ma- 
chines was indeed compromised by the 
Walker spy ring, and the Soviets were able 
to read secret U.S. messages without the 
keylists. Adm. James D. Watkins, then chief 
of naval operations, obliquely acknowledged 
the compromise during a June 1985 press 
briefing. According to Watkins, loss of the 
cryptographic logic designs was “the most 
serious area of compromise. Some technical 
design communications information has 
probably been lost.” 

Four months later, after Walker began 
cooperating with damage-assessment offi- 
cials, then Navy secretary John Lehman 
was more specific: “We assume that the So- 
viets were able to compromise the design 
logic of some of the cryptographic machines, 
which would enable them in some 
cases to crack the code without key cards. 
And we assume they have.” 

One of the compromised systems was the 
most widely used code machine of all, the 
KW-7, a fact recently confirmed to us by 
four past or present NSA officials. Although 
the KW-7 has been replaced, it was once 
the mainstay of crypto-communications for 
the entire government. It was also used to 
communicate with many of our NATO al- 
lies. In addition to the KW-7, two NSA of- 
ficials said that the reliability of the Navy’s 
older KWR-37, used for one-way, shore-to- 
ship “Fleet Broadcast” messages, has also 
been completely written off. 

These two code machines were not com- 
promised by the so-called “brute-force” 
method, which entails having supercomput- 
ers run through every possible keylist com- 
bination. Rather, the Soviets apparently had 
so much material — including the KW-7 
hardware, keylists and plain-text versions of 
messages sent on the system — that they 
were able to exploit “design flaws” in the 
KW-7’s logic that allowed them to do what 
the NSA had once believed impossible — 
“break” the machine’s code formula without 
use of the daily keylist. 

“The Soviets have always been reputed 
to be rather good in code breaking,” says 
David Kahn, author of “The Codebreakers.” 
“It’s known that three things seem to be as- 
sociated with success in code-breaking: 
musicianship, chess and mathematics. What 
are the three things the Russians are best 
at?” 

Collectively, Walker and Whitworth sup- 
plied some six virtually continuous years of 
keylists for the KW-7 and KWR-37. Walker 
says he also provided the Soviets the tech- 
nical manuals, complete with the precise 
schematics of the design logic, for the KW-7 
and the KWR-37 systems. All subsequent 
KW-7 and KWR-37 equipment modifica- 
tions were provided by Whitworth, both 
spies now confirm. 

The Soviets had also obtained actual 
working versions of these machines. The 
United States lost both KW-7 and KWR-37 
machines in January 1968, when North Ko- 
rean gunboats seized the U.S. spy ship USS 
Pueblo for allegedly violating their territo- 
rial waters, and at least one other KW-7 
was lost in Vietnam in the early 1970s, ac- 
cording to court testimony and Navy doc- 
uments. So the “design logic” was unques- 
tionably compromised, even when later 
modified. 

The NSA’s position at the time, accord- 
ing to former communications security chief 
Clark, was that even with one of the seized 
KW-7s, the Soviets “wouldn’t be able to de- 
crypt it unless they had a correct key.” But 
within weeks after the Pueblo was seized, 
the KGB’s codebreaking Department 16 
had the KW-7’s worldwide keylists, courtesy 
of their newly recruited spy, Warrant 
Officer John Walker. 

While the Soviets never told Walker how 
successful their U.S. codebreaking efforts 
had been, they did once tell him when their 
KWR-37 replica machine had stopped read- 
ing secret U.S. messages in early 1980. 
Walker and Whitworth subsequently decid- 
ed the problem stemmed from a new secu- 
rity device called a “Card Reader Insert 
Board,” into which a keylist was placed and 
then reattached to the machine. Whitworth 
then sketched this new board and sent it on 
to Walker. 

“I provided a diagram, a tracing ... of 
the card reader,” Whitworth admits when 
pressed. “That’s true.” The Soviets had no 
further complaints about reading the KWR-37 
Fleet Broadcast messages. 

By early 1984, the KGB’s wish-list for 
Walker was narrowing. During a chilly 
meeting outside a Vienna men’s shop, Walker’s 
KGB handler told him they still wanted 
“7 subsystems” (KW-7 hardware modifica- 
tions), as well as naval operational orders 
and plans. 

And, in a request that once again seemed 
to demonstrate the Soviets still had better 
access to U.S. secrets than either Walker or 
Whitworth, the KGB agent asked for copies 
of something called an “NCM,” which Walker 
says stood for some sort of “crypto-related 
‘National Command Memorandum.’” 
Neither Walker nor Whitworth had ever 
heard of this item before. 

Fortunately, Walker and Whitworth did 
not have NSA “crypto clearances,” and 
therefore never had access to the so-called 
“Blue Channel,” used for super-sensitive 
“special intelligence” information. The Navy 
employs an entirely separate communica- 
tions system on ships and bases for such 
messages, although the systems did use 
some of the same equipment, including the 
KW-7 and the KWR-37. 

The severe damage done by the Walker 
ring probably ended several years 
before they were caught. In the early 
1980s, the NSA introduced various safe- 
guards, including canister-type keylist dis- 
pensers, that prevented someone from re- 
moving a keylist and later returning it; “lim- 
ited” technical manuals, which contained no 
logic diagrams; and unphotographable types 
of keylists for the Navy’s new, advanced 
code machines. 

Walker now says the creators of those innovations 
“should be awarded medals.” 

But the demise of the Walker ring didn’t 
stop the KGB. At about the same time 
Walker’s crypto supply to the Soviets 
ended, Army Warrant Officer James Hall 
had just come on line in Berlin. As a signals-intelligence 
specialist for the NSA’s military 
subsidiary, the Army Security Agency, Hall 
had access to a broad array of U.S. crypto 
had access to a broad array of U.S. crypto 
systems, including the KW-7, according to 
sources. U.S. sources say that Hall has ap- 
parently admitted supplying “important sig- 
nal-intelligence information” to the KGB’s 
proxies in East Germany from late 1982 to 
early 1988. Hall is now said to be cooper- 
ating with authorities. 

What’s ominous is that early last year, 
Hall apparently was told by his Soviet con- 
trollers “to cool off his activities.” “Hall was 
flushed,” concludes one intelligence source. 
“There’s still someone else out there.” 

The likelihood that the codebreakers of 
the KGB’s Department 16 were “not only 
able to copy, but were able to solve” U.S. 
codes, deeply worries Kean College math- 
ematics professor Cipher Deavours, long 
close to the secret world of codes and the 
editor of Cryptologia. “The main assumptions 
under which the National Security 
Agency [operates] is that even if the enemy 
has possession of the machine, he won’t be 
able to read any traffic without the key. 
That assumption was wrong. And our entire 
crypto-design philosophy is built on that.” 

“You have to assume they’re certainly not 
arresting everybody,” says Walker, from his 
cell in the isolation block of the most secure 
federal prison at Marion, Ill. “There are obviously 
players. The fact that there were crypto- 
graphic systems and other types of systems 
that they didn’t want is clearly evidence that 
they had other sources.” 




